| Título | Totolink N300RT Router V3.4.0-B20250430 Buffer Overflow |
|---|
| Descrição | A stack-based buffer overflow vulnerability exists in the boa web server of the TOTOLINK N300RT router (firmware <= V3.4.0-B20250430). The vulnerability is located in the is_cmd_string_valid function within libapmib.so, which fails to validate the length of the localPin parameter in the /boafrm/formWsc endpoint. An authenticated attacker can bypass CSRF and token checks to send a crafted POST request with an oversized payload. This overflows a local buffer and overwrites the saved return address ($ra), leading to a Denial of Service (DoS) or potential Remote Code Execution (RCE). |
|---|
| Fonte | ⚠️ https://github.com/xiaohaiyang-ai/TOTOLINK-N300RT-Buffer-Overflow |
|---|
| Utilizador | xyhackr (UID 96769) |
|---|
| Submissão | 10/04/2026 16h17 (há 2 meses) |
|---|
| Moderação | 27/04/2026 17h29 (17 days later) |
|---|
| Estado | Aceite |
|---|
| Entrada VulDB | 359818 [Totolink N300RT 3.4.0-B20250430 libapmib.so /boafrm/formWsc is_cmd_string_valid localPin Excesso de tampão] |
|---|
| Pontos | 20 |
|---|